Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Align Spake2 protocol message type definition with spec #4167

Merged
merged 1 commit into from
Dec 18, 2020
Merged

Align Spake2 protocol message type definition with spec #4167

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 6 additions & 3 deletions src/protocols/secure_channel/SecureChannelProtocol.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,9 +52,12 @@ enum class MsgType
StandaloneAck = 0x10,

// Password-based session establishment Message Types
PASE_Spake2pA = 0x20,
PASE_Spake2pB = 0x21,
PASE_Spake2cA = 0x22,
PBKDFParamRequest = 0x20,
PBKDFParamResponse = 0x21,
PASE_Spake2p1 = 0x22,
PASE_Spake2p2 = 0x23,
PASE_Spake2p3 = 0x24,
PASE_Spake2pError = 0x2F,

// Certificate-based session establishment Message Types
CASE_SigmaR1 = 0x30,
Expand Down
46 changes: 23 additions & 23 deletions src/transport/SecurePairingSession.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ void SecurePairingSession::Clear()
memset(&mPoint[0], 0, sizeof(mPoint));
memset(&mWS[0][0], 0, sizeof(mWS));
memset(&mKe[0], 0, sizeof(mKe));
mNextExpectedMsg = Spake2pMsgType::kSpake2pMsgError;
mNextExpectedMsg = Protocols::SecureChannel::MsgType::PASE_Spake2pError;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder whether using namespace Protocols::SecureChannel; might be helpful to reduce the typing. Or using MsgType = Protocols::SecureChannel::MsgType?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Followup for this one as desired.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

using MsgType = Protocols::SecureChannel::MsgType

Now we have taken out the prefix of MsgType, Then how we differentiate "using MsgType = Protocols::Common::MsgType" and "using MsgType = Protocols::SecureChannel::MsgType" ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we have to deal with both of them here, then we can't do that, of course. In that case maybe the best thing to do is using namespace chip::Protocols; or namespace SecureChannel = Protocols::SecureChannel;. Again, just to make things a bit shorter; it's not a big deal either way.

mSpake2p.Init(nullptr);
mCommissioningHash.Clear();
mIterationCount = 0;
Expand Down Expand Up @@ -240,7 +240,7 @@ CHIP_ERROR SecurePairingSession::WaitForPairing(uint32_t mySetUpPINCode, uint32_

mIterationCount = pbkdf2IterCount;

mNextExpectedMsg = Spake2pMsgType::kPBKDFParamRequest;
mNextExpectedMsg = Protocols::SecureChannel::MsgType::PBKDFParamRequest;
mPairingComplete = false;

ChipLogDetail(Ble, "Waiting for PBKDF param request");
Expand All @@ -253,14 +253,14 @@ CHIP_ERROR SecurePairingSession::WaitForPairing(uint32_t mySetUpPINCode, uint32_
return err;
}

CHIP_ERROR SecurePairingSession::AttachHeaderAndSend(uint8_t msgType, System::PacketBufferHandle msgBuf)
CHIP_ERROR SecurePairingSession::AttachHeaderAndSend(Protocols::SecureChannel::MsgType msgType, System::PacketBufferHandle msgBuf)
{
CHIP_ERROR err = CHIP_NO_ERROR;

PayloadHeader payloadHeader;

payloadHeader
.SetMessageType(msgType) //
.SetMessageType(static_cast<uint8_t>(msgType)) //
.SetProtocolID(Protocols::kProtocol_SecureChannel);

uint16_t headerSize = payloadHeader.EncodeSizeBytes();
Expand Down Expand Up @@ -331,9 +331,9 @@ CHIP_ERROR SecurePairingSession::SendPBKDFParamRequest()
err = mCommissioningHash.AddData(req->Start(), req->DataLength());
SuccessOrExit(err);

mNextExpectedMsg = Spake2pMsgType::kPBKDFParamResponse;
mNextExpectedMsg = Protocols::SecureChannel::MsgType::PBKDFParamResponse;

err = AttachHeaderAndSend(Spake2pMsgType::kPBKDFParamRequest, std::move(req));
err = AttachHeaderAndSend(Protocols::SecureChannel::MsgType::PBKDFParamRequest, std::move(req));
SuccessOrExit(err);

ChipLogDetail(Ble, "Sent PBKDF param request");
Expand Down Expand Up @@ -422,9 +422,9 @@ CHIP_ERROR SecurePairingSession::SendPBKDFParamResponse()
err = mSpake2p.ComputeL(mPoint, &sizeof_point, &mWS[1][0], kSpake2p_WS_Length);
SuccessOrExit(err);

mNextExpectedMsg = Spake2pMsgType::kSpake2pMsg1;
mNextExpectedMsg = Protocols::SecureChannel::MsgType::PASE_Spake2p1;

err = AttachHeaderAndSend(Spake2pMsgType::kPBKDFParamResponse, std::move(resp));
err = AttachHeaderAndSend(Protocols::SecureChannel::MsgType::PBKDFParamResponse, std::move(resp));
SuccessOrExit(err);

ChipLogDetail(Ble, "Sent PBKDF param response");
Expand Down Expand Up @@ -505,10 +505,10 @@ CHIP_ERROR SecurePairingSession::SendMsg1()
memcpy(msg_pA->Start(), &X[0], X_len);

msg_pA->SetDataLength(data_len);
mNextExpectedMsg = Spake2pMsgType::kSpake2pMsg2;
mNextExpectedMsg = Protocols::SecureChannel::MsgType::PASE_Spake2p2;

// Call delegate to send the Msg1 to peer
err = AttachHeaderAndSend(Spake2pMsgType::kSpake2pMsg1, std::move(msg_pA));
err = AttachHeaderAndSend(Protocols::SecureChannel::MsgType::PASE_Spake2p1, std::move(msg_pA));
SuccessOrExit(err);

ChipLogDetail(Ble, "Sent spake2p msg1");
Expand Down Expand Up @@ -568,10 +568,10 @@ CHIP_ERROR SecurePairingSession::HandleMsg1_and_SendMsg2(const PacketHeader & he
}

resp->SetDataLength(data_len);
mNextExpectedMsg = Spake2pMsgType::kSpake2pMsg3;
mNextExpectedMsg = Protocols::SecureChannel::MsgType::PASE_Spake2p3;

// Call delegate to send the Msg2 to peer
err = AttachHeaderAndSend(Spake2pMsgType::kSpake2pMsg2, std::move(resp));
err = AttachHeaderAndSend(Protocols::SecureChannel::MsgType::PASE_Spake2p2, std::move(resp));
SuccessOrExit(err);

ChipLogDetail(Ble, "Sent spake2p msg2");
Expand Down Expand Up @@ -625,7 +625,7 @@ CHIP_ERROR SecurePairingSession::HandleMsg2_and_SendMsg3(const PacketHeader & he
resp->SetDataLength(verifier_len);

// Call delegate to send the Msg3 to peer
err = AttachHeaderAndSend(Spake2pMsgType::kSpake2pMsg3, std::move(resp));
err = AttachHeaderAndSend(Protocols::SecureChannel::MsgType::PASE_Spake2p3, std::move(resp));
SuccessOrExit(err);

ChipLogDetail(Ble, "Sent spake2p msg3");
Expand Down Expand Up @@ -665,9 +665,9 @@ CHIP_ERROR SecurePairingSession::HandleMsg3(const PacketHeader & header, const S

ChipLogDetail(Ble, "Received spake2p msg3");

// We will set NextExpectedMsg to kSpake2pMsgError in all cases
// However, when we are using IP rendezvous, we might set it to kSpake2pMsg1.
mNextExpectedMsg = Spake2pMsgType::kSpake2pMsgError;
// We will set NextExpectedMsg to PASE_Spake2pError in all cases
// However, when we are using IP rendezvous, we might set it to PASE_Spake2p1.
mNextExpectedMsg = Protocols::SecureChannel::MsgType::PASE_Spake2pError;

VerifyOrExit(hash != nullptr, err = CHIP_ERROR_MESSAGE_INCOMPLETE);
VerifyOrExit(msg->DataLength() == kMAX_Hash_Length, err = CHIP_ERROR_INVALID_MESSAGE_LENGTH);
Expand Down Expand Up @@ -715,7 +715,7 @@ void SecurePairingSession::SendErrorMsg(Spake2pErrorType errorCode)

msg->SetDataLength(msglen);

err = AttachHeaderAndSend(Spake2pMsgType::kSpake2pMsgError, std::move(msg));
err = AttachHeaderAndSend(Protocols::SecureChannel::MsgType::PASE_Spake2pError, std::move(msg));
SuccessOrExit(err);

exit:
Expand Down Expand Up @@ -758,25 +758,25 @@ CHIP_ERROR SecurePairingSession::HandlePeerMessage(const PacketHeader & packetHe

mPeerAddress = peerAddress;

switch (static_cast<Spake2pMsgType>(payloadHeader.GetMessageType()))
switch (static_cast<Protocols::SecureChannel::MsgType>(payloadHeader.GetMessageType()))
{
case Spake2pMsgType::kPBKDFParamRequest:
case Protocols::SecureChannel::MsgType::PBKDFParamRequest:
err = HandlePBKDFParamRequest(packetHeader, msg);
break;

case Spake2pMsgType::kPBKDFParamResponse:
case Protocols::SecureChannel::MsgType::PBKDFParamResponse:
err = HandlePBKDFParamResponse(packetHeader, msg);
break;

case Spake2pMsgType::kSpake2pMsg1:
case Protocols::SecureChannel::MsgType::PASE_Spake2p1:
err = HandleMsg1_and_SendMsg2(packetHeader, msg);
break;

case Spake2pMsgType::kSpake2pMsg2:
case Protocols::SecureChannel::MsgType::PASE_Spake2p2:
err = HandleMsg2_and_SendMsg3(packetHeader, msg);
break;

case Spake2pMsgType::kSpake2pMsg3:
case Protocols::SecureChannel::MsgType::PASE_Spake2p3:
err = HandleMsg3(packetHeader, msg);
break;

Expand Down
15 changes: 3 additions & 12 deletions src/transport/SecurePairingSession.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
#pragma once

#include <crypto/CHIPCryptoPAL.h>
#include <protocols/secure_channel/SecureChannelProtocol.h>
#include <support/Base64.h>
#include <system/SystemPacketBuffer.h>
#include <transport/SecureSession.h>
Expand Down Expand Up @@ -232,25 +233,15 @@ class DLL_EXPORT SecurePairingSession
void SendErrorMsg(Spake2pErrorType errorCode);
void HandleErrorMsg(const PacketHeader & header, const System::PacketBufferHandle & msg);

CHIP_ERROR AttachHeaderAndSend(uint8_t msgType, System::PacketBufferHandle msgBuf);
CHIP_ERROR AttachHeaderAndSend(Protocols::SecureChannel::MsgType msgType, System::PacketBufferHandle msgBuf);

void Clear();

static constexpr size_t kSpake2p_WS_Length = kP256_FE_Length + 8;

enum Spake2pMsgType : uint8_t
{
kPBKDFParamRequest = 0x20,
kPBKDFParamResponse = 0x21,
kSpake2pMsg1 = 0x22,
kSpake2pMsg2 = 0x23,
kSpake2pMsg3 = 0x24,
kSpake2pMsgError = 0x2f,
};

SecurePairingSessionDelegate * mDelegate = nullptr;

Spake2pMsgType mNextExpectedMsg = Spake2pMsgType::kSpake2pMsgError;
Protocols::SecureChannel::MsgType mNextExpectedMsg = Protocols::SecureChannel::MsgType::PASE_Spake2pError;

Spake2p_P256_SHA256_HKDF_HMAC mSpake2p;

Expand Down